ICANN approves plans to allow Unicode top-level domains. - Going Phishing ?

Capt'n Midnight · 01-11-2009 7:11pm #1

http://www.icann.org/en/announcements/announcement-30oct09-en.htm

Does this mean that phishers & co. will now have access to a lot of unicode characters that they can use to spoof the ascii characters of legit sites ?

Farcear · 04-11-2009 3:02pm

Yep.

Possibly a reason to start using link protection/verification features on anti-virus programs?

BaconZombie · 11-11-2009 9:34pm

http://☃.net

Mike 1972 · 13-11-2009 11:23pm

Capt'n Midnight wrote: »

phishers & co. will now have access to a lot of unicode characters that they can use to spoof the ascii characters of legit sites ?

The same thought occured to me when I first heard about it.

Maybe Im being a completly ignorant Anglocentric language imperialist but I reckon its a very bad idea. From my (admitedly limited) knowledge of non-Western cultures I was under the impression that speakers of languages using non-latin scripts could understand ASCII text anyway. People in Japan, South Korea, the Arab world etc dont seem to have a problem with using the internet now ?

BaconZombie · 18-11-2009 1:22pm

Just after listing to a Risky Business Podcast on this topic for anybody interested.

Risky Business #130 -- Are non-ASCII domain names a security risk?

This week's feature interview is with Chris Disspain, the CEO of Australia's domain name regulator auDA.

This week we're discussing the move to Cyrillic domain names -- some media commentators have gone a bit berserk on this one, saying that the move will introduce massive risks because people will be able to do phishing campaigns with domains made up partially of Cyrillic characters.

Chris will be along to talk about why he thinks that's wrong.

<snip>

ICANN approves plans to allow Unicode top-level domains. - Going Phishing ?

Comments